SIEM---Wazuh/hook.php

<?php
/*
 * Plugin SIEM-Wazuh pour GLPI
 * Hook file for installation/uninstallation
 */

/**
 * Plugin install process
 *
 * @return boolean
 */
function plugin_siem_wazuh_install() {
    global $DB;

    $version = plugin_version_siem_wazuh();
    
    // Lecture du fichier SQL d'installation
    $sql_file = GLPI_ROOT . "/plugins/siem-wazuh/sql/install.sql";
    
    if (!file_exists($sql_file)) {
        return false;
    }
    
    $sql_content = file_get_contents($sql_file);
    $queries = explode(';', $sql_content);
    
    foreach ($queries as $query) {
        $query = trim($query);
        if (!empty($query)) {
            $DB->queryOrDie($query, "Erreur lors de l'installation du plugin SIEM-Wazuh : " . $DB->error());
        }
    }
    
    // Création des droits par défaut
    plugin_siem_wazuh_create_default_rights();
    
    // Création de la tâche cron
    plugin_siem_wazuh_create_cron_tasks();
    
    // Configuration par défaut
    plugin_siem_wazuh_create_default_config();
    
    return true;
}

/**
 * Plugin uninstall process
 *
 * @return boolean
 */
function plugin_siem_wazuh_uninstall() {
    global $DB;

    // Lecture du fichier SQL de désinstallation
    $sql_file = GLPI_ROOT . "/plugins/siem-wazuh/sql/uninstall.sql";
    
    if (file_exists($sql_file)) {
        $sql_content = file_get_contents($sql_file);
        $queries = explode(';', $sql_content);
        
        foreach ($queries as $query) {
            $query = trim($query);
            if (!empty($query)) {
                $DB->queryOrDie($query, "Erreur lors de la désinstallation du plugin SIEM-Wazuh : " . $DB->error());
            }
        }
    }
    
    // Suppression des tâches cron
    plugin_siem_wazuh_remove_cron_tasks();
    
    // Suppression des droits
    plugin_siem_wazuh_remove_rights();
    
    return true;
}

/**
 * Plugin update process
 *
 * @param string $current_version
 * @return boolean
 */
function plugin_siem_wazuh_update($current_version) {
    global $DB;
    
    // Mise à jour de la version 1.0.0
    if (version_compare($current_version, '1.0.0', '<')) {
        // Ajout de nouvelles colonnes si nécessaire
        $migration = new Migration(PLUGIN_SIEM_WAZUH_VERSION);
        
        // Exemple de migration
        if (!$DB->fieldExists('glpi_plugin_siem_wazuh_servers', 'ticket_category')) {
            $migration->addField('glpi_plugin_siem_wazuh_servers', 'ticket_category', 'int(11) DEFAULT NULL');
        }
        
        $migration->executeMigration();
    }
    
    return true;
}

/**
 * Create default rights
 */
function plugin_siem_wazuh_create_default_rights() {
    global $DB;
    
    $rights = [
        'plugin_siem_wazuh_config' => ['name' => __('SIEM Wazuh Configuration', 'siem-wazuh')],
        'plugin_siem_wazuh_server' => ['name' => __('Wazuh Servers', 'siem-wazuh')],
        'plugin_siem_wazuh_alert'  => ['name' => __('Wazuh Alerts', 'siem-wazuh')]
    ];
    
    foreach ($rights as $right => $data) {
        // Ajout du droit s'il n'existe pas
        $query = "SELECT id FROM glpi_profilerights WHERE name = '$right'";
        $result = $DB->query($query);
        
        if ($DB->numrows($result) == 0) {
            $query = "INSERT INTO glpi_profilerights (profiles_id, name, rights) 
                      SELECT id, '$right', '0' FROM glpi_profiles";
            $DB->query($query);
            
            // Attribution des droits au profil Super-Admin
            $query = "UPDATE glpi_profilerights SET rights = '" . (READ | UPDATE | CREATE | DELETE | PURGE) . "' 
                      WHERE name = '$right' AND profiles_id IN (
                          SELECT id FROM glpi_profiles WHERE name = 'Super-Admin'
                      )";
            $DB->query($query);
        }
    }
}

/**
 * Remove rights
 */
function plugin_siem_wazuh_remove_rights() {
    global $DB;
    
    $rights = [
        'plugin_siem_wazuh_config',
        'plugin_siem_wazuh_server',
        'plugin_siem_wazuh_alert'
    ];
    
    foreach ($rights as $right) {
        $query = "DELETE FROM glpi_profilerights WHERE name = '$right'";
        $DB->query($query);
    }
}

/**
 * Create cron tasks
 */
function plugin_siem_wazuh_create_cron_tasks() {
    CronTask::Register('PluginSiemWazuhAlert', 'sync_alerts', 5 * MINUTE_TIMESTAMP, [
        'comment'   => __('Synchronize Wazuh alerts', 'siem-wazuh'),
        'mode'      => CronTask::MODE_EXTERNAL
    ]);
    
    CronTask::Register('PluginSiemWazuhAlert', 'cleanup_old_alerts', DAY_TIMESTAMP, [
        'comment'   => __('Cleanup old alerts', 'siem-wazuh'),
        'mode'      => CronTask::MODE_EXTERNAL
    ]);
}

/**
 * Remove cron tasks
 */
function plugin_siem_wazuh_remove_cron_tasks() {
    global $DB;
    
    $query = "DELETE FROM glpi_crontasks WHERE itemtype LIKE 'PluginSiemWazuh%'";
    $DB->query($query);
}

/**
 * Create default configuration
 */
function plugin_siem_wazuh_create_default_config() {
    $config = new PluginSiemWazuhConfig();
    
    $default_configs = [
        'auto_create_ticket' => '1',
        'default_ticket_priority' => '3',
        'alert_retention_days' => '90',
        'sync_enabled' => '1',
        'max_alerts_per_sync' => '100',
        'notification_enabled' => '1'
    ];
    
    foreach ($default_configs as $name => $value) {
        $config->setConfiguration($name, $value);
    }
}

/**
 * Get database relations
 */
function plugin_siem_wazuh_getDatabaseRelations() {
    $plugin_relations = [];
    
    $plugin_relations["glpi_plugin_siem_wazuh_alerts"] = [
        "glpi_computers"         => "computer_id",
        "glpi_networkequipments" => "networkequipment_id",
        "glpi_tickets"          => "ticket_id"
    ];
    
    return $plugin_relations;
}

/**
 * Define dropdown relations
 */
function plugin_siem_wazuh_getDropdown() {
    return [
        'PluginSiemWazuhServer' => __('Wazuh Servers', 'siem-wazuh')
    ];
}

/**
 * Hook for profile changes
 */
function plugin_siem_wazuh_profile_form($prof) {
    global $DB;
    
    if ($prof->getID() 
        && Session::haveRight("profile", READ)) {
        
        $prof_id = $prof->getID();
        
        $query = "SELECT * FROM glpi_plugin_siem_wazuh_profiles WHERE profiles_id = '$prof_id'";
        $result = $DB->query($query);
        
        if ($DB->numrows($result)) {
            $rights = $DB->fetchAssoc($result);
        } else {
            $rights = [
                'wazuh_config' => '',
                'wazuh_server' => '',
                'wazuh_alert'  => ''
            ];
        }
        
        echo "<div class='spaced-form'>";
        echo "<table class='tab_cadre_fixehov'>";
        echo "<tr class='tab_bg_1'>";
        echo "<th colspan='2'>" . __('SIEM Wazuh Rights', 'siem-wazuh') . "</th>";
        echo "</tr>";
        
        $right_names = [
            'wazuh_config' => __('Configuration', 'siem-wazuh'),
            'wazuh_server' => __('Servers', 'siem-wazuh'),
            'wazuh_alert'  => __('Alerts', 'siem-wazuh')
        ];
        
        foreach ($right_names as $field => $label) {
            echo "<tr class='tab_bg_2'>";
            echo "<td>$label</td>";
            echo "<td>";
            Profile::dropdownNoneReadWrite($field, $rights[$field], 1, 1, 1);
            echo "</td>";
            echo "</tr>";
        }
        
        echo "</table>";
        echo "</div>";
    }
}

/**
 * Save profile rights
 */
function plugin_siem_wazuh_profile_save($prof) {
    global $DB;
    
    $prof_id = $prof->getID();
    
    if (isset($_POST['wazuh_config']) || isset($_POST['wazuh_server']) || isset($_POST['wazuh_alert'])) {
        $query = "REPLACE INTO glpi_plugin_siem_wazuh_profiles 
                  (profiles_id, wazuh_config, wazuh_server, wazuh_alert) 
                  VALUES ('$prof_id', '" . $_POST['wazuh_config'] . "', 
                          '" . $_POST['wazuh_server'] . "', '" . $_POST['wazuh_alert'] . "')";
        $DB->query($query);
    }
}